ssh on both sides

Hi,

Im behind a firewall that allows certains outgoing connections but
blocks incoming ones. As I can connect from work to my house through
ssh, Im thinking on the way of keep that connection alive and when I
get home, keep in touch with it. But cant figure out how to do it. I
was thinking on netcat or vpn, but I cant guess how to do it.
Any clue?


(f this isnt the right list, sorry)

Tnx in advance!

tonia wrote:
> Hi,
>
> Im behind a firewall that allows certains outgoing connections but
> blocks incoming ones. As I can connect from work to my house through
> ssh, Im thinking on the way of keep that connection alive and when I
> get home, keep in touch with it. But cant figure out how to do it. I
> was thinking on netcat or vpn, but I cant guess how to do it.
> Any clue?
>
>

I think you can do it via ssh port forwarding. You'd need to configure
your home ssh server to allow port forwarding then from your ssh client
map a remote port on your home machine to a port on your office
network. Note that the destination port can be any machine reachable
from your office machine.

Example1: Use the current ssh tunnel to allow you to reverse ssh back
to your office machine. Map remote port 10000 to local ssh port:

.from office ssh client:

ssh -R 10000:localhost:22 (E-Mail Removed)

then from your home (note that you need root access to ssh to
nonstandard ports):

ssh -D 10000 officeusername@127.0.0.1

Example2: Same as above but ssh back to another server on your office
network, for example 192.168.1.220. This time we map remote port 11000
to server ssh port:

.from office ssh client:

ssh -R 11000:192.168.1.220:22 (E-Mail Removed)

then from your home:

ssh -D 11000 username@127.0.0.1


Google "ssh port forwarding" for more info.

tnx for the quick (and helpful) answer!!!!

that did the trick... except i use

ssh user@127.0.0.1 -p 10000

instead of

-D

btw, really simple isnt it?

tnx again!


(E-Mail Removed) wrote:
> tonia wrote:
> > Hi,
> >
> > Im behind a firewall that allows certains outgoing connections but
> > blocks incoming ones. As I can connect from work to my house through
> > ssh, Im thinking on the way of keep that connection alive and when I
> > get home, keep in touch with it. But cant figure out how to do it. I
> > was thinking on netcat or vpn, but I cant guess how to do it.
> > Any clue?
> >
> >
>
> I think you can do it via ssh port forwarding. You'd need to configure
> your home ssh server to allow port forwarding then from your ssh client
> map a remote port on your home machine to a port on your office
> network. Note that the destination port can be any machine reachable
> from your office machine.
>
> Example1: Use the current ssh tunnel to allow you to reverse ssh back
> to your office machine. Map remote port 10000 to local ssh port:
>
> .from office ssh client:
>
> ssh -R 10000:localhost:22 (E-Mail Removed)
>
> then from your home (note that you need root access to ssh to
> nonstandard ports):
>
> ssh -D 10000 officeusername@127.0.0.1
>
> Example2: Same as above but ssh back to another server on your office
> network, for example 192.168.1.220. This time we map remote port 11000
> to server ssh port:
>
> .from office ssh client:
>
> ssh -R 11000:192.168.1.220:22 (E-Mail Removed)
>
> then from your home:
>
> ssh -D 11000 username@127.0.0.1
>
>
> Google "ssh port forwarding" for more info.

tonia wrote:
> Hi,
>
> Im behind a firewall that allows certains outgoing connections but
> blocks incoming ones. As I can connect from work to my house through
> ssh, Im thinking on the way of keep that connection alive and when I
> get home, keep in touch with it. But cant figure out how to do it. I
> was thinking on netcat or vpn, but I cant guess how to do it.
> Any clue?
>
>
> (f this isnt the right list, sorry)
>
> Tnx in advance!
>
Check that you're not violating any IT policies at your place of work.

Somewhere in the ssh protocol there's provision for TCP keep-alives - I
can keep a connection up for a long time if I've got that enabled.
--
Dave
mail da (E-Mail Removed) (without the space)
http://www.llondel.org
So many gadgets, so little time

tonia wrote:
> tnx for the quick (and helpful) answer!!!!
>
> that did the trick... except i use
>
> ssh user@127.0.0.1 -p 10000
>
> instead of
>
> -D
>
> btw, really simple isnt it?
>
> tnx again!

Oops, yes it should have been -p. And you don't need to be root to do
it. Sorry, get confused sometimes ;-)

tonia wrote:
> tnx for the quick (and helpful) answer!!!!
>
> that did the trick... except i use
>
> ssh user@127.0.0.1 -p 10000
>
> instead of
>
> -D
>
> btw, really simple isnt it?
>
> tnx again!

Oops, yes it should have been -p. And you don't need to be root to do
it. Sorry, get confused sometimes ;-)

On Mon, 22 Jan 2007 02:10:49 -0800, tonia wrote:

> Hi,
>
> Im behind a firewall that allows certains outgoing connections but
> blocks incoming ones. As I can connect from work to my house through
> ssh, Im thinking on the way of keep that connection alive and when I
> get home, keep in touch with it. But cant figure out how to do it. I
> was thinking on netcat or vpn, but I cant guess how to do it.
> Any clue?
>
>
> (f this isnt the right list, sorry)
>
> Tnx in advance!

I'd be very careful about what you're trying to do. It could get you fired
for circumventing your employers security. If you have a legitimate reason
to connect to your office network from home, I'd suggest that you contact
your IT department to allow you VPN access to your employers network.